Search Results | AttackerKB

Attacker Value

Disclosure Date: December 21, 2020 (last updated February 22, 2025)

SolarWinds Web Help Desk 12.7.0 allows CSV Injection, also known as Formula Injection, via a file attached to a ticket.

Attacker Value

Disclosure Date: December 18, 2020 (last updated February 22, 2025)

SolarWinds Web Help Desk 12.7.0 allows XSS via the First Name field of a User Account.

Attacker Value

Disclosure Date: December 18, 2020 (last updated February 22, 2025)

SolarWinds Web Help Desk 12.7.0 allows XSS via an uploaded SVG document in a request.

Quick Cookie Notification